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REMARKS 

In this Amendment, claims 1, 7-15, 17, 18, 25-27, 36-40, 52, 58, 59, 62 and 63 are 
amended and claim 5 is canceled. By this Amendment, claims 1, 7-15, 17, 18, 25-27, 36-40, 
52, 58, 59, 62 and 63 have been amended to merely clarify the recited subject matter without 
any intention of narrowing the scope of any of the claims. Applicants have amended the 
currently pending claims in order to expedite prosecution and do not, by this Amendment, 
intend to abandon subject matter of the claims as originally filed or later presented, and 
reserve the right to pursue such subject matter in a continuing application. Claims 1-4, 6-54, 
and 56-63 are pending in this patent application. Reconsideration of the rejection in view of 
the remarks below is requested. 

With respect to the objections to the claims, claim 5 has been canceled and so, the 
objection to that duplicate claim is now moot. Applicants submit that claims 23 and 24 are 
not identical. Claim 23 recites, in part, "said entities in an organization are represented in a 
public key infrastructure directory" while claim 24 recites, in part, "at least one of said 
characteristics and said relationships is represented in a directory." While both claims recite a 
"directory", any similarity ends there and accordingly, applicants have not deleted either of 
claim 23 or claim 24. Claims 17 and 18 have been amended to correct the typographical 
errors gratefully noted by the Examiner. Finally, applicants acknowledge the claim 
numbering oversight with respect to missing claim 55. However, applicants do not propose to 
take any action with respect thereto and kindly request that the claims be renumbered upon 
allowance without taking into consideration missing claim 55. 

The Office Action rejected claim 1 under 35 U.S.C. §112, second paragraph as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicants regard as the invention. More specifically, the Office Action provided inter alia 
that "since the claim does not set forth any steps involved in the method/process, it is unclear 
what method/process applicant is intending to encompass." Applicants submit that claim 1 
clearly recites steps involved in the method "for control and maintenance of operational 
organizational structure." Particularly, the method of claim 1 comprises the steps of 
"electronically" "associating entities with cryptographic capabilities", "organizing entities 
within the organizational structure as roles", and "maintaining roles within the organizational 
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structure." Accordingly, the rejection of claim 1 under 35 U.S.C. §112, second paragraph is 
traversed and appHcants submit that claim 1 is allowable. 

The Office Action further rejected claims 1-15 under 35 U.S.C. §101. Specifically, 
the Office Action provided that "the claimed recitation of a use, without setting forth any 
steps involved in the process, results in an improper definition of a process", "the claimed 
invention is directed to non- statutory subject matter", and "the claimed invention 
is ...inoperative and therefore lacks utility." 

As noted above, with respect to the rejection under 35 U.S.C. §112, second paragraph, 
claim 1 clearly recites steps involved in the method "for control and maintenance of 
operational organizational structure." Particularly, the method of claim 1 comprises the steps 
of "electronically" "associating entities with cryptographic capabilities", "organizing entities 
within the organizational structure as roles", and "maintaining roles within the organizational 
structure." Dependent claims 2-4 and 6-15 merely further define claim 1 and thus are 
patentable. Applicants submit that the cases Li Ex parte Dunki, 153 USPQ 678 (Bd. App. 
1967) and Clinical Products Ltd. v. Brenner, 255 F. Supp. 131, 149 USPQ 475 (D.D.C. 1966) 
are inapposite. Those cases involved the following basic claim forms: "The use of X as a Y" 
and "The use of X in the Y". Applicants' claim 1 is clearly not in either of those forms. 

Further, applicants submit that claims 1-4 and 6-15 define patentable subject matter. 
Claim 1 is at least patentable as a "new and useful process" as provided in 35 U.S.C. §101, 
more specifically a patentable method for control and maintenance of an operational 
organization structure comprising electronically associating entities with cryptographic 
capabilities, organizing entities within the organizational structure as roles; and maintaining 
roles within the organizational structure. The Office Action has not identified how claims 1-4 
and 6-15 do not fall within the subject matter of 35 U.S.C. §101, particularly the "new and 
useful process" subject matter of 35 U.S.C. §101. 

Finally, appHcants submit that claims 1-4 and 6-15 are operative and therefore have 
utility. The specification, including the claims, and drawings of this application clearly set 
forth the operation and utility of the claimed invention. The Office Action has not identified 
how claims 1-4 and 6-1 5 do not work and therefore lack utility. 

Accordingly, for at least the above reasons, the rejection of claims 1-4 and 6-15 under 
35 U.S.C. §101 is traversed and claims 1-4 and 6-15 are allowable. 
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The Office Action rejected claims 1-10, 13-39, 41-44, 47-57, 59 and 61-63 under 35 
U,S,C. § 102(e) as being unpatentable over Lampson et al., "Authentication in Distributed 
Systems: Theory and Practice", ACM Transactions on Computer Systems, Vol. 10, No. 4, 
Nov. 1992, pgs. 265-310. Applicants respectfully traverse the rejection because the teachings 
of Lampson et al. fail to disclose, teach or suggest all the features recited in combination in 
the rejected claims. 

For example, the teachings of Lampson et al. fail to at least disclose, teach or suggest 
a "method for control and maintenance of an operational organizational structure," 
comprising "associating entities with cryptographic capabilities", "organizing entities within 
the organizational stmcture as roles", and "maintaining roles within the organizational 
structure" as recited in independent claim 1 and its dependent claims 1-4, 6-10, and 13-15. 

Lampson et al. merely disclose a theory of authentication and a system that 
implements it. The theory is based on the notion of principal and "speaks for" relation 
between principals. The theory shows how to reason about a principal's authority by 
deducing the other principals that it can speak for. In particular, they describe a system that 
passes principals efficiently as arguments or results of remote procedure calls, and handles 
public and shared key encryption, name lookup in a large name space, groups of principals, 
program loading, delegation, access control and revocation. Lampson et al., abstract. 

As noted in applicants' specification, cryptographic representation of an organization 
has typically been defined statically, for a given time. But, such representation has limits 
especially in organizations facing structural or dynamic changes. Thus, applicants' claimed 
invention relates to control and maintenance of an organizational or operational structure to 
solve, for example, management of dynamic organizations which often can face significant 
structural changes. Applicants submit that Lampson et al. fail to disclose, teach or suggest 
any type of method for control and maintenance of an operational organizational structure as 
recited in claim 1. Rather, Lampson et al. is directed to a security system, particularly an 
authentication system. 

Further, and more specifically, applicants' submit that Lampson et al. fail to disclose, 
teach or suggest organizing entities within an organization structure as roles, entities which 
have associated cryptographic capabilities. While Lampson et al. disclose an authentication 
system that may be applied to an organization, Lampson et al. fail to disclose any method for 
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organizing entities with an organization as roles. The only roles Lampson et al, discuss are 
roles, for principals, that appear to be supplied to the authentication system of Lampson et al. 
See, e.g., p. 268 of Lampson et al. as cited by the Office Action. Lampson et al. provide no 
disclosure, suggestion or teaching regarding organizing entities within an organizational 
structure as roles as recited in claim 1 , 

Additionally, Lampson et al. fails to disclose, teach or suggest maintaining roles 
within the organizational structure. As noted above, while the authentication system of 
Lampson et al. may be applied to an organization, applicants submit there is no disclosure, 
suggestion, or teaching by Lampson et al. how their system or its operation can or does 
maintain roles within an organizational structure. Rather, the Lampson et al. system and its 
operation merely facilitates secure communication using principals as roles. See, e.g., p. 268 
of Lampson et al.. 

Further, the teachings of Lampson et al. fail to at least disclose, teach or suggest a 
"system for control and maintenance of an operational structure" comprising "maintaining 
capabilities of entities", "maintaining functions of entities", "maintaining characteristics of 
entities", "maintaining relationships of entities", and "changing the maintained said entities 
said characteristics and said relationships" as recited in independent claim 16 and its 
dependent claims method 17-39, 41-44, and 47-51. 

As similarly discussed above in respect of claim 1 and its dependent claims, 
applicants submit that Lampson et al. fail to disclose, teach or suggest any type of method for 
control and maintenance of an operational structure as recited in claim 16. Rather, Lampson 
et al. is directed to a security system, particularly an authentication system. 

Further, Lampson et al. provides no disclosure regarding maintaining capabilities of 
entities, such as a role in an organization (see, e.g., claim 19), maintaining functions of 
entities, such as an operation by a functionary in an organization (see, e.g., claim 22), 
maintaining characteristics of entities, such as an entity's size, threshold for a quorum, or 
visibility (see, e.g., page 21 of the specification) or maintaining relationships of entities. As 
discussed above in respect of claim 1, while the authentication system of Lampson et al. may 
be applied to an organization, applicants submit there is no disclosure, suggestion, or teaching 
by Lampson et al. how their system or its operation can or does maintain capabilities, 
functions, characteristics and relationships of entities within organizations as recited in claim 
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16. Rather, the Lampson et al. system and its operation merely facilitates secure 
communication. 

Lampson et al. also fail to provide any disclosure, teaching or suggestion regarding 
changing the maintained said entities said characteristics and said relationships. While the 
Lampson et al. authentication system may be applied to an organization, all relevant data 
about such organization is merely supplied to and used by the authentication system of 
Lampson et al. There simply appears to be no disclosure, teaching or suggestion regarding 
changing maintained entities, characteristics and relationships within an organization. 
Applicants submit the discussions at pgs. 271-274 of Lampson et al. (as cited by the Office 
Action) regarding statements is inapposite. There, Lampson et al. set forth how they propose 
to handle statements in their system for the purposes of authentication. For example, they 
address how to handle circumstances where one principal makes a statement on behalf of 
another principal. There is no indication or suggestion of any sort that the statements 
referenced in Lampson et al. perform any type of changing maintained entities, characteristics 
and relationships within an organization. Lampson et al. merely discuss how to handle 
authentication of statements. 

Finally, the teachings of Lampson et al. fail to at least disclose, teach or suggest a 
system comprising "a maintenance system by which said database and said cryptographic 
authorities are maintained in coordination and by authorized parties assuring the 
representation of said organization and said cryptographic capabilities are soundly associated 
as defined by the coordination directives" and "maintenance transactions acting within said 
maintenance system, maintaining a view representing an organization" as recited in 
independent claim 52 and its dependent claims 53-57, 59 and 61-63. 

As discussed above, Lampson et al. disclose a security system. In an embodiment, the 
system of Lampson et al. may make use of a certification authority as is well known. With 
respect to such a certification authority, Lampson et al. disclose the traditional methods of 
key and certificate management (including issuance, revocation, etc.). See, e.g., Lampson et 
al., pgs. 283-285. However, Lampson et al. fail to disclose, teach or suggest a maintenance 
system by which the database, representing entities of an organization and their 
characteristics, roles and relationships, and the cryptographic authorities are maintained in 
coordination and by authorized parties assuring the representation of the organization. For 
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secure communication, the Lampson et al. system simply relies on, for example, checking the 
integrity (e.g., expiry) of the certificates themselves or checking certificate revocation lists 
but does not address, for example, the basic issue of the proper association of an entity to a 
cryptographic capability. Thus, applicants submit that Lampson et al., particularly at pg. 270, 
just don't discuss, teach or suggest a maintenance system by which the database, representing 
entities of an organization and their characteristics, roles and relationships, and the 
cryptographic authorities are maintained in coordination, more particularly by authorized 
parties representing the organization and such that the cryptographic capabilities are soundly 
associated as recited in claim 52. 

Further, Lampson et al. do not disclose, teach or suggest maintenance transactions 
acting within said maintenance system, maintaining a view representing an organization as 
recited in claim 52. As discussed above, Lampson et al. do not disclose any sort of 
maintenance system. Moreover, Lampson et al. do not disclose maintaining any sort of view 
representing an organization. Page 270 of Lampson et al, merely discloses gathering of 
information and using algorithms to check whether to grant access. Applicants submit that 
there is just no indication that the gathering and checking corresponds to maintaining a view 
representing an organization. 

Therefore, for at least the above reasons, Lampson et al. fails to disclose, suggest or 
teach all the features recited in claims 1-10, 13-39, 41-44, 47-57, 59 and 61-63 and thus are 
least patentable under 35 U.S.C. §102 and 35 U.S.C. §103. Thus, the rejection of claims 1-10, 
13-39, 41-44, 47-57, 59 and 61-63 is traversed and claims 1-10, 13-39, 41-44, 47-57, 59 and 
61-63 are allowable. 

Furthermore, the Office Action rejected claims 11, 12, 40, 45-46, and 58 under 35 
U.S.C. § 103(a) as being obvious over Lampson et al. and rejected claim 60 under 35 U.S.C. 
§ 103(a) as being obvious over Lampson et al. in view of the Unified Modeling Language 
Version 1.0 (January 13, 1997) ("UML specification"). As applicants submit above that 
independent claims 1, 16, and 52 are novel and non-obvious in view of Lampson et al., 
applicants accordingly submit that claims 11, 12, 40, 45-46, 58 and 60, which respectively 
are directly or indirectly dependent fi-om independent claims 1, 16 and 52, are therefore not 
obvious. Thus, for at least the above reasons, Lampson et al. fails to disclose, suggest or teach 
all the features recited in claims 11, 12, 40, 45-46, and 58 and Lampson et al. in combination 
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with the UML specification fails to disclose, suggest or teach all the features recited in claim 
60. Thus, the rejection of claims 11, 12, 40, 45-46, 58 and 60 is traversed and claims 11, 12, 
40, 45-46, 58 and 60 are allowable. 

All objections and rejections having been addressed, it is respectfully submitted that 
the present application is in condition for allowance. If questions relating to patentability 
remain, the examiner is invited to contact the undersigned to discuss them. 

Should any fees be due, please charge them to our deposit account no. 03-3975, under 
our order no. 061047/0265649. The Commissioner for Patents is also authorized to credit any 
over payments to the above-referenced deposit account. 




Respectfully submitted, 
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